Bug 1892761
| Summary: | [Rebase] Rebase to latest upstream release | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Pavel Březina <pbrezina> |
| Component: | authselect | Assignee: | Pavel Březina <pbrezina> |
| Status: | CLOSED ERRATA | QA Contact: | Dan Lavu <dlavu> |
| Severity: | unspecified | Docs Contact: | David Voženílek <dvozenil> |
| Priority: | unspecified | ||
| Version: | 8.4 | CC: | dlavu, dvozenil, lmanasko, sgoveas, twoerner |
| Target Milestone: | rc | Keywords: | Rebase, Triaged |
| Target Release: | 8.0 | Flags: | pm-rhel:
mirror+
|
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | sync-to-jira qetodo | ||
| Fixed In Version: | authselect-1.2.2-1.el8 | Doc Type: | Known Issue |
| Doc Text: |
.Downgrading `authselect` after the rebase to version 1.2.2 breaks system authentication
The `authselect` package has been rebased to the latest upstream version `1.2.2`. Downgrading `authselect` is not supported and breaks system authentication for all users, including `root`.
If you downgraded the `authselect` package to `1.2.1` or earlier, perform the following steps to work around this problem:
. At the GRUB boot screen, select `Red Hat Enterprise Linux` with the version of the kernel that you want to boot and press `e` to edit the entry.
. Type `single` as a separate word at the end of the line that starts with `linux` and press `Ctrl+X` to start the boot process.
. Upon booting in single-user mode, enter the root password.
. Restore authselect configuration using the following command:
+
----
# authselect select sssd --force
----
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 15:04:47 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Pavel Březina
2020-10-29 15:37:37 UTC
authselect-1.2.2 release notes: https://github.com/authselect/authselect/releases/tag/1.2.2 I think sanity testing only is needed expect one change: - All generated files are now owned by authselect and if authselect package is uninstalled, the /etc/authselect/nsswitch.conf and /etc/authselect/*-auth files are copied to their system location (/etc/nsswitch.conf, /etc/pam.d/*-auth) and the whole directory /etc/authselect is removed. This should be tested to make sure we don't end up with broken system. Verified against 1.2.2-1.el8 [root@ci-vm-10-0-106-101 etc]# dnf remove authselect authselect-libs Updating Subscription Management repositories. Unable to read consumer identity This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Dependencies resolved. ======================================================================================================================================== Package Architecture Version Repository Size ======================================================================================================================================== Removing: authselect x86_64 1.2.2-1.el8 @rhel-8.4-baseos 140 k authselect-libs x86_64 1.2.2-1.el8 @rhel-8.4-baseos 865 k Removing dependent packages: realmd x86_64 0.16.3-22.el8 @rhel-8.4-baseos 795 k Transaction Summary ======================================================================================================================================== Remove 3 Packages Freed space: 1.8 M Is this ok [y/N]: y Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: realmd-0.16.3-22.el8.x86_64 1/1 Erasing : realmd-0.16.3-22.el8.x86_64 1/3 Running scriptlet: realmd-0.16.3-22.el8.x86_64 1/3 Running scriptlet: authselect-1.2.2-1.el8.x86_64 2/3 Erasing : authselect-1.2.2-1.el8.x86_64 2/3 Erasing : authselect-libs-1.2.2-1.el8.x86_64 3/3 Running scriptlet: authselect-libs-1.2.2-1.el8.x86_64 3/3 Verifying : authselect-1.2.2-1.el8.x86_64 1/3 Verifying : authselect-libs-1.2.2-1.el8.x86_64 2/3 Verifying : realmd-0.16.3-22.el8.x86_64 3/3 Installed products updated. Removed: authselect-1.2.2-1.el8.x86_64 authselect-libs-1.2.2-1.el8.x86_64 realmd-0.16.3-22.el8.x86_64 Complete! [root@ci-vm-10-0-106-101 etc]# ls -ltrh /etc/ | grep authselect [root@ci-vm-10-0-106-101 etc]# Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (authselect bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:1668 |